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DETAILED ACTION 

1 . This Office action is in response to the Amendment filed on 4/1 0/07. 

2. Claims 1-21 are pending. 

Response to Arguments 

3. With respect to claims 1-3, 6, 10-11 and 15-18, applicant argues that the 
combination of Leung and Marko is improper because Marko teaches away from the 
teaching of Leung. Remarks, pgs. 2-4. In particular, applicant argues "Marko teaches 
to automatically register more than one base station with the mobile station," whereas 
"Leung discloses preventing repetitive accesses to the authentication server through 
utilization of the Home Agents." See Remarks, pg. 4. However, applicant's argument 
fails to provide a sufficient showing as to why the teaching of Marko teaches away from 
the teaching of Leung. Applicant suggests that the two teachings are mutually exclusive 
("That is, one either desires a system as taught by Leung having a single 
communication between a Home Agent and the authentication server or a system 
taught by Marko where multiple base stations register a single mobile station." ibid). 
However, nothing in the prior art suggest that the two discloses are not compatible. The 
test for obviousness is not whether the features of a secondary reference may be bodily 
incorporated into the structure of the primary reference; nor is it that the claimed 
invention must be expressly suggested in any one or all of the references. Rather, the 
test is what the combined teachings of the references would have suggested to those of 
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ordinary skill in the art. See In re Keller, 642 F.2d 413, 208 USPQ 871 (CCPA 1981). 
In this case, the teaching of Marko is actually complementary with the invention of 
Leung. Marko's teaching of "automatically registering] more than one base station with 
the mobile station" enhances the underlying goal of Leung of "preventing repetitive 
accesses to the authentication server through the utilization of the Home Agents." In 
particular Marko discloses a situation in the prior art wherein a mobile station repeatedly 
registers and re-registers with two or more adjacent base stations, thereby increasing 
registration traffic. Col. 2:10-14. Marko's teaching alleviates this problem by registering 
once with base stations in those cells the mobile station is likely to traverse. The 
teaching of Marko applies a general solution in the art to reduce registration traffic: to 
maintain registration with likely points of access to reduce registration traffic. As applied 
to the art of Leung, the teaching of Marko suggests authenticating once with all the 
likely access points by the mobile node. In the case of Leung, the access points are the 
Home agents and the Foreign agents. As such, contrary to applicant's allegation, 
Marko does not teach away from the invention of Leung. Hence, the 103(a) rejections 
to claims 1-3, 6, 10-11 and 15-18 are maintained. 

4. With respect to applicant's arguments that the Leung and Zhang prior art are not 
combinable (Remarks, pg. 6), examiner disagrees. Applicant's argument is based on 
the premise that the authentication steps of the two prior art are not malleable and that 
they form a necessarily distinct and rigid means of authenticating a mobile terminal. 
(Remarks, pg. 6, 1 st full paragraph) Implicit in applicant's argument is that any 
modification of the systems of Leung or Zhang is not feasible. Again, as addressed 
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above, the standard for proper combination of art is not whether bodily incorporation is 
feasible, but what the combined teachings of the references would have suggested to 
those of ordinary skill in the art. In this case of Zhang, Zhang discloses a prior invention 
of securing a channel using a shared session key between a mobile user and an access 
point to prevent an unscrupulous third party from tapping into the channel. Pg. 3, 
paragraph 45. As applied to the invention of Leung, using a session key provides 
similar security benefits to the transmission of information as disclosed by Leung. 
Furthermore, contrary to applicant's allegation that "Zhang contains absolutely no 
disclosure in its entirely about encrypting data exchanged between a mobile terminal 
and the access point after authentication" (Remarks, pg. 6), Zhang discloses such a 
feature: 

A mobile terminal associates with an AP using open authentication (no 
encryption). After the association, the AP runs a filter which only lets 802. 1x 
traffic (user authentication information) through. The user uses the AP as a relay 
point and mutually authenticates with the AAA server (Kerberos standard, 
RADIUS optional). Upon authentication, the AAA server sends both the access 
point and the user a per session key (encrypted). This key is used between 
the mobile user and the access point for a secure channel. The access point 
then sends the user the WEP broadcast key through this channel. Note that this 
channel can be trusted by the mobile user because the AP is authenticated by 
the user. [Emphasis added] Zhang, paragraph 45. 



5. Applicant's remaining arguments are based on those arguments discussed 
above. Hence, the claims remain rejected under the prior art of record. 
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Claim Rejections • 35 USC § 103 

6. Claims 1-3, 6, 10, 11 and 15-18 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Leung USPN 6,760,444 (hereinafter Leung) in view of Marko et al. 
USPN 5,732,350. (hereinafter Marko) 

7. As per claim 1 , Leung discloses a method for authenticating a roaming device 
with a network, comprising the steps of: 

a. generating, by an authentication server of the network, authentication data 
associated with the roaming device (col. 7:35-36); 

b. sending, by the authentication server, the authentication data to an access 
point of the network, the access point being connected to the authentication 
server(7:38-50); and 

c. when the roaming device roams to a particular access point, using the 
authentication data to locally authenticate the roaming device at the particular 
access point. (7:50-67) 

Leung does not disclose sending the authentication data to a plurality of access points 
and storing the authentication data in the plurality of access points, such that the 
roaming device is locally authenticated at a particular access point of the plurality of 
access points. Marko discloses a method for registering a mobile station among a 
plurality of base stations based upon a dynamic algorithm. When a mobile station 
approaches a cell where the mobile station is not yet registered, the mobile station 
registers with this station, whereupon a network controller automatically registers the 
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mobile station with all base stations within the group defined by the cell grouping level. 
Col. 7:24-57; 8:51-9:28. This enables the mobile station to roam among a cell grouping 
without registering each time the mobile moves to a cell within the grouping. It would be 
obvious to one of ordinary skill in the art at the time the invention was made to send the 
authentication data to a plurality of access points and locally store the authentication 
data in the plurality of access points. One would be motivated to do so to reduce user 
registration traffic. Marko, col. 1:58-65; 2:36-40. The aforementioned covers the 
limitation of claim 1. 

8. As per claim 2, the rejection of claim 1 under 35 U.S.C. 103(a) as being 
unpatentable over Leung in view of Marko is incorporated herein. In addition, the 
method further comprising the step of storing the authentication data in a memory 
arrangement of each of the access points. See Leung, col. 7:50-67; Marko, 7:24-56. 

9. As per claim 3, the rejection of claim 1 under 35 U.S.C. 103(a) as being 
unpatentable over Leung in view of Marko is incorporated herein. Leung does not 
expressly teach the authentication data is encrypted. However, it is notoriously well 
known in the art that authentication data transmitted in the clear is susceptible to sniffing 
attacks. To prevent authentication data from being stolen, these values are typically 
encrypted using a shared secret between the sender and receiver. For example, in the 
RADIUS protocol, a password transmitted from a client to an authentication server is 
hidden using a shared secret. Hence, it would be obvious to one of ordinary skill in the 
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art at the time the invention was made for the authentication data to be transmitted 
securely to prevent the data from being stolen as known to one of ordinary skill in the 
art. The aforementioned cover the limitations of claim 3. 

1 0. As per claim 6, the rejection of claim 1 under 35 U.S.C. 1 03(a) as being 
unpatentable over Leung in view of Marko is incorporated herein. In addition, the 
method further comprising the preliminary steps of determining if the particular access 
point has authentication data associated with the roaming device; if the determination is 
positive, proceed to the step of using the authentication data to locally authenticate the 
roaming device at the particular access point; and if the determination is negative, 
proceed to the step of generating, by an authentication server of the network, 
authentication data associated with the roaming device. Leung, col. 7:10-31; 7:56-8:8. 

11. As per claim 10, Leung discloses a method for authenticating a roaming device 
with a network, comprising the steps of: 

d. connecting the roaming device with an authentication server upon a 
contact of the roaming device with a first access point of the network; 
authenticating the roaming device with the authentication server; generating 
authentication data for the roaming device; distributing, by the authentication 
server, the authentication data to the first access point of the network; and locally 
authenticating the roaming device upon a contact with the first access point using 
the distributed authentication data. Col. 7:35-67. 
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Leung does not disclose sending the authentication data to a second access point and 
storing the authentication data in the second access point, then locally authenticating 
the roaming device upon a contract with the second access point using the distributed 
authentication data. Marko discloses a method for registering a mobile station among a 
plurality of base stations based upon a dynamic algorithm. When a mobile station 
approaches a cell where the mobile station is not yet registered, the mobile station 
registers with this station, whereupon a network controller automatically registers the 
mobile station with all base stations within the group defined by the cell grouping level. 
Col. 7:24-57; 8:51-9:28. This enables the mobile station to roam among a cell grouping 
without registering each time the mobile moves to a cell within the grouping. It would be 
obvious to one of ordinary skill in the art at the time the invention was made to send the 
authentication data to a second access point and store the authentication data in the 
second access point, then locally authenticate the roaming device upon a contract with 
the second access point using the distributed authentication data. One would be 
motivated to do so to reduce user registration traffic. Marko, col. 1:58-65; 2:36-40. The 
aforementioned covers the limitation of claim 10. 

12. As per claim 1 1 , the rejection of claim 1 0 under 35 U.S.C. 1 03(a) as being 
unpatentable over Leung in view of Marko is incorporated herein. In addition, the 
method further comprising the step of authenticating the roaming device with the 
authentication server if the local authentication of the roaming device fails. Leung, col. 
7:10-31:7:56-8:8. 
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13. As per claim 15, the rejection of claim 10 under 35 U.S.C. 103(a) as being 
unpatentable over Leung in view of Marko is incorporated herein. In addition, the 
authentication server is a remote authentication dial-in user server. Leung, col. 7:1-5. 

14. As per claim 16, Leung discloses a system for authenticating a roaming device 
with a network, comprising: 

e. an authentication server connected to the network; and first and second 
access points connected to the authentication server, the first and second access 
points being capable of communicating with the roaming device, each of the first 
and second access points including a memory arrangement capable of storing 
authentication data corresponding to the roaming device, wherein the 
authentication server sends the authentication data to the first access point upon 
an initial authentication procedure of the roaming device with the first access 
point, and wherein the first access point authenticates the roaming device upon a 
contact of the roaming device with the first access point. Col. 7:35-67. 
Leung does not disclose sending the authentication data to a second access point and 
storing the authentication data in the second access point, then locally authenticating 
the roaming device upon a contract with the second access point using the distributed 
authentication data. Marko discloses a method for registering a mobile station among a 
plurality of base stations based upon a dynamic algorithm. When a mobile station 
approaches a cell where the mobile station is not yet registered, the mobile station 



Application/Control Number: 10/026,043 Page 10 

Art Unit: 2132 

registers with this station, whereupon a network controller automatically registers the 
mobile station with all base stations within the group defined by the cell grouping level. 
Col. 7:24-57; 8:51-9:28. This enables the mobile station to roam among a cell grouping 
without registering each time the mobile moves to a cell within the grouping. It would be 
obvious to one of ordinary skill in the art at the time the invention was made to send the 
authentication data to a second access point and store the authentication data in the 
second access point, then locally authenticate the roaming device upon a contract with 
the second access point using the distributed authentication data. One would be 
motivated to do so to reduce user registration traffic. Marko, col. 1:58-65; 2:36-40. The 
aforementioned covers the limitation of claim 16. 

15. As per claim 17, the rejection of claim 16 under 35 U.S.C. 103(a) as being 
unpatentable over Leung in view of Marko is incorporated herein. In addition, the 
second access point authenticates the roaming device with the authentication server if 
the authentication data is not found in the memory arrangement of the second access 
point. Leung, col. 7:10-31; 7:56-8:8. 

16. As per claim 18, the rejection of claim 16 under 35 U.S.C. 103(a) as being 
unpatentable over Leung in view of Marko is incorporated herein. In addition, the 
second access point authenticates the roaming device with the authentication server if 
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the local authentication of the roaming device at the second access point fails, Leung, 
col. 7:10-31; 7:56-8:8. 

17. Claims 4 and 5 are rejected under 35 USC 103(a) as being unpatentable over 
Leung in view of Marko, and further in view of Ablay et al. USPN 5,408,683. (hereinafter 
Ablay) 

18. As per claim 4, the rejection of claim 3 under 35 USC 103(a) as being 
unpatentable over Leung in view of Marko is incorporated herein. Leung does not 
expressly disclose using prediction algorithms to anticipate where the roaming device 
will roam to determine to which access points to send the encrypted authentication data. 
Ablay discloses a method of tracking subscribers in a networked radio communications 
system having a plurality of trunked communication networks using location information 
of the subscribers to anticipate a roaming unit's location to reduce the number of 
registrations and de-registrations of the roaming unit. Col. 5:19-60; 6:26-57. Therefore, 
it would be obvious to one of ordinary skill in the art at the time the invention was made 
to combine the teachings of Ablay with the invention of Leung and Marko to use 
prediction algorithms to anticipate where the roaming device will roam to determine to 
which access points to send the encrypted authentication data. One would be 
motivated to do so to reduce the transmission overhead in keeping track of roaming 
subscribers. Ablay, 3:30-37. The aforementioned cover the limitations of claim 4. 



Application/Control Number: 10/026,043 Page 12 

Art Unit: 2132 

19. As per claim 5, the rejection of claim 4 under 35 USC 103(a) as being * 
unpatentable over Leung in view of Marko and Ablay is incorporated herein. In addition, 
the limitation of sending the encrypted authentication data to all the access points is an 
obvious enhancement in view of the teaching of Ablay that a mobile unit's registration is 
maintained at all access points in the anticipated probable locations of the mobile unit. 
Ablay, col. 5:19-26. The aforementioned cover the limitations of claim 5. 

20. Claims 7, 8 and 13 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Leung in view of Marko, and further in view of Vij et al. USPN 6,452,910. 
(hereinafter Vij) 

21. As per claim 7, the rejection of claim 6 under 35 U.S.C. 103(a) as being 
unpatentable over Leung in view of Marko is incorporated herein, (supra) In addition, 
the step of using the authentication data to locally authenticate the roaming device 
further comprises reassociating the roaming device with the particular access point of * 
the access points by providing identification information. Leung, col. 7:10-13. However, 
Leung only discloses that the roaming device provides identification, and does not 
disclose that an exchange occurs between the roaming device and access points to 
reassociate. Vij discloses a management means for wireless access points wherein 
wireless devices are mutually authenticated with access points utilizing a common link 
key to verify that the wireless device is authorized to access the access point, and to 
ensure that the access point is the intended receiver. Col. 11:1-7. Therefore, it would be 
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obvious to one of ordinary skill in the art at the time the invention was made for the 
reassociating to include a mutual authentication between the roaming device and the 
access point, since it is desirous to verify that the participants belong to the same local 
network. Vij, ibid. The aforementioned cover the limitations of claim 7. 

22. As per claim 8, the rejection of claim 7 under 35 U.S.C. 103(a) is incorporated 
herein. In addition, the reassociating step further includes the substeps of: searching a 
memory arrangement of the particular access point for the authentication data 
associated with the roaming device; and if the authentication data is found, performing a 
mutual authentication procedure between the roaming device and the particular access 
point. Leung, col. 7:10-31; 7:56-8:8; Vij, 11:1-7. 

23. As per claim 1 3, the rejection of claim 1 0 under 35 U.S.C. 1 03(a) as being 
unpatentable over Leung in view of Marko is incorporated herein. In addition, Leung 
discloses the locally authenticating step further includes the substeps of: providing 
identification data by the roaming device to the second access point; and correlating the 
identification data with the distributed authentication data. Col. 7:10-13. However, 
Leung only discloses that the roaming device provides identification, and does not 
disclose exchanging identification between the roaming device and access points to 
reassociate. Vij discloses a management means for wireless access points wherein 
wireless devices are mutually authenticated with access points using a common link key 
to verify that the wireless device is authorized to access the access point, and to ensure 
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that the access point is the intended receiver. Col. 11:1-7. Therefore, it would be 
obvious to one of ordinary skill in the art at the time the invention was made for the 
reassociating to include a mutual authentication between the roaming device and the 
access point, since it is desirous to verify that the participants of a transmission belong 
to the same local network. Vij, ibid. The aforementioned cover the limitations of claim 
13. 



24. Claims 9, 12 and 14 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Leung in view of Marko, and further in view of Zhang et al. US Patent Application 
no. 20020174335 (hereinafter Zhang); RFC 2138 is incorporated to illustrate inherent 
properties of the RADIUS protocol. 

25. As per claim 9, the rejection of claim 1 under 35 U.S.C. 1 03(a) as being 
unpatentable over Leung in view of Marko is incorporated herein. In addition, the 
generating step further includes the steps of: receiving an authentication request from 
the roaming device; determining that the roaming device can be granted access to 
network services. Leung, col. 7:1 1-8:12. Leung does not expressly teach generating 
an encrypted session key associated with the roaming device in the authentication 
server; wherein the authentication request is encrypted. Zhang discloses an 
authentication procedure for mobile devices designed by Cisco wherein a roaming user 
is authenticated via an access point, and uses the RADIUS protocol to authenticate the 
user to an authentication server. Upon, authentication, an encrypted session key is 
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delivered from the authentication server to the access point and the user. (pg. 3, 
paragraphs 44-46; RFC 2138, pg. 4, last sentence, section 2, the password is encrypted 
using a method based on the RSA message digest algorithm MD5) Further, it is 
notoriously well known that authentication data transmitted in the clear is susceptible to 
sniffing attacks; to prevent authentication data from being stolen, these values are 
typically encrypted using a shared secret between the sender and receiver. For 
example, in the RADIUS protocol, a password transmitted from a client to an 
authentication server is hidden using a shared secret. Hence, it would be obvious to 
one of ordinary skill in the art at the time the invention was made to generate an 
encrypted session key associated with the roaming device in the authentication server; 
wherein the authentication request is encrypted. One would be motivated to do so to 
securely transmit data as reflected in the RADIUS protocol and the Cisco authentication 
procedure. The aforementioned cover the limitations of claim 9. 

26. As per claims 12 and 14, the rejection of claim 10 under 35 U.S.C. 103(a) as 
being unpatentable over Leung in view of Marko is incorporated herein. In addition, 
Leung discloses the use of RADIUS protocol to authenticate the user with an 
authentication server, but Leung does not expressly disclose the distribution step further 
includes the substep of distributing an encrypted session key to the first and second 
access points, the method further comprising the steps of establishing a shared secret 
encryption between the authentication server and the first and second access points. 
Zhang discloses an authentication procedure for mobile devices designed by Cisco 



Application/Control Number: 10/026,043 Page 16 

Art Unit: 2132 

wherein a roaming user is authenticated via an access point, and uses the RADIUS 
protocol to authenticate the user to an authentication server. Upon, authentication, an 
encrypted session key is delivered from the authentication server to the access point 
and the user (pg. 3, paragraphs 44-46; RFC 2138, pg. 4, last sentence, section 2, the 
password is encrypted using a method based on the RSA message digest algorithm 
MD5) Further, it is notoriously well known that authentication data transmitted in the 
clear is susceptible to sniffing attacks; to prevent authentication data from being stolen, 
these values are typically encrypted using a shared secret between the sender and 
receiver. Hence, it would be obvious to one of ordinary skill in the art at the time the 
invention was made for the distribution step to further include the substep of distributing 
an encrypted session key to the first and second access points, the method further 
comprising the steps of establishing a shared secret encryption between the 
authentication server and the first and second access points. One would be motivated 
to do so to securely transmit data as reflected in the RADIUS protocol and the Cisco 
authentication procedure. The aforementioned cover the limitations of claims 12 and 
14. 



27. Claim 19 is rejected under 35 U.S.C. 103(a) as being unpatentable over Leung in 
view of Zhang; RFC 2138 is incorporated to illustrate inherent properties of the RADIUS 
protocol. 
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28. As per claim 19, Leung discloses a method for authenticating a roaming device 
with a network, comprising the steps of: with an authentication server, receiving an 
authentication request from a roaming device; sending the authentication data to an 
access point of the network, and utilizing the authentication data to authenticate the 
roaming device at the access point. Leung does not disclose the request being 
encrypted with a first shared code; generating a session key associated with the 
roaming device; sending the session key to an access point of the network, the session 
key being encrypted with a second shared code; and utilizing the session key to 
authenticate the roaming device at the access point, and to encrypt data exchanged 
between the roaming device and the access point. Zhang discloses an authentication 
procedure for mobile devices designed by Cisco wherein a roaming user is 
authenticated via an access point, and uses the RADIUS protocol to authenticate the 
user to an authentication server. Upon, authentication, an encrypted session key is 
delivered from the authentication server to the access point and the user (pg. 3, 
paragraphs 44-46; RFC 2138, pg. 4, last sentence, section 2, the password is encrypted 
using a method based on the RSA message digest algorithm MD5) Further, it is 
notoriously well known that authentication data transmitted in the clear is susceptible to 
sniffing attacks; to prevent authentication data from being stolen, these values are 
typically encrypted using a shared secret between the sender and receiver. For 
example, in the RADIUS protocol, a password transmitted from a client to an 
authentication server is hidden using a shared secret. Hence, it would be obvious to 
one of ordinary skill in the art at the time the invention was made for the request to be 
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encrypted with a first shared code; generating a session key associated with the 
roaming device; sending the session key to an access point of the network, the session 
key being encrypted with a second shared code; and utilizing the session key to 
authenticate the roaming device at the access point, and to encrypt data exchanged 
between the roaming device and the access point. One would be motivated to do so to 
securely transmit data as reflected in the RADIUS protocol and the Cisco authentication 
procedure. The aforementioned cover the limitations of claim 19. 

29. Claim 20 is rejected under 35 U.S.C. 103(a) as being unpatentable over Leung in 
view of Zhang, and further in view of Marko. 

30. As per claim 20, the rejection of claim 19 under 35 U.S.C. 103(a) is incorporated 
herein. Leung does not disclose the step of sending the encrypted session key to a 
further access point of the network to authenticate the roaming device at the further 
access point. Marko discloses a method for registering a mobile station among a 
plurality of base stations based upon a dynamic algorithm. When a mobile station 
approaches a cell where the mobile station is not yet registered, the mobile station 
registers with this station, whereupon a network controller automatically registers the 
mobile station with all base stations within the group defined by the cell grouping level. 
Col. 7:24-57; 8:51-9:28. This enables the mobile station to roam among a cell grouping 
without registering each time the mobile moves to a cell within the grouping. It would be 
obvious to one of ordinary skill in the art at the time the invention was made to include 
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the step of sending the encrypted session key to a further access point of the network to 
authenticate the roaming device at the further access point. One would be motivated to 
do so to reduce user registration traffic. Marko, col. 1:58-65; 2:36-40. The 
aforementioned cover the limitations of claim 20. 

31. Claim 21 is rejected under 35 U.S.C. 103(a) as being unpatentable over Leung in 
view of Zhang, and further in view of Quick, Jr. USPN 6,178,506 (hereinafter Quick 
'506). 

32. As per claim 21, the rejection of claim 19 under 35 U.S.C. 103(a) is incorporated 
herein. In addition, Leung in view of Zhang discloses the method further comprising the 
steps of: generating a first key of the session key to perform authentication of the 
roaming device at the access point; and generating a second key of the session key to 
encrypt data exchanges between the roaming device and the access point. See Leung, 
7:50-61 ; see Zhang, paragraph 45. Leung does not expressly teach the first key as 
being different from the second key. Quick '506 discloses an authentication method 
wherein a first portion of a session key is used for authentication and a second portion 
of the session key is used for encryption. Since, the session key is larger then the 
required byte size necessary for authentication, the portion not used for authentication 
is used for encryption. Col. 5:38-50. Therefore, it would be obvious to one of ordinary 
skill in the art at the time the invention was made for the first key generated from the 
session key to perform authentication and the second key generated from the session 
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key to perform encryption to be different keys, since the protocols for authentication and 
encryption typically require different length keys. Quick '506, 5:45-50. The 
aforementioned cover the limitations of claim 21 . 



Conclusion 

THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1 . 1 36(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Communications Inquiry 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jung W. Kim whose telephone number is 571-272-3804. 
The examiner can normally be reached on M-F 9:00-5:00. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gilberto Barron can be reached on 571-272-3799. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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